ClawHub

OpenClaw飞书获取文档

v1.0.0

获取飞书云文档内容。返回文档的 Markdown 内容,支持处理文档中的图片、文件和画板(需配合 feishu_doc_media 工具)。

0· 165·0 current·0 all-time
by@chenfa188
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description say: fetch Feishu cloud document and return Markdown, including media handled via an external feishu_doc_media tool. SKILL.md only contains parsing and orchestration instructions and refers to complementary tools — this is coherent with the declared purpose.
Instruction Scope
Instructions are focused: extract token from URL/HTML tags, call feishu_doc_media to download media, and call feishu_wiki_space_node to resolve wiki tokens. Note: it assumes the presence of other tools (feishu_doc_media, feishu_wiki_space_node, feishu_sheet, feishu_bitable_*). The skill itself does not request credentials or access unrelated system files, but it instructs writing media to an output_path (requires agent filesystem write permissions).
Install Mechanism
No install spec and no code files (instruction-only). This minimizes disk writes and installation risk.
Credentials
No required environment variables, primary credential, or config paths are declared. The SKILL.md does not access env vars or credentials itself. Note that actual API access would be performed by the referenced tools, which may require credentials — those should be reviewed separately.
Persistence & Privilege
always is false and the skill is user-invocable. It does not request persistent presence or attempt to modify other skills/configs.
Assessment
This skill is an orchestration document: it parses Feishu doc tokens and directs other Feishu tools to download media or resolve wiki tokens. Before installing: (1) confirm the complementary tools it calls (feishu_doc_media, feishu_wiki_space_node, feishu_sheet, bitable tools) are trusted and review their requested credentials, since those tools will perform API calls; (2) be aware the skill may instruct writing downloaded media to a filesystem path — ensure the agent runtime has appropriate and limited filesystem permissions; (3) treat extracted tokens and downloaded files as sensitive data. The skill itself does not request extra credentials and appears internally consistent.

Like a lobster shell, security has layers — review code before you run it.

latestvk9762nszc8dcnstz5py2qc4p4x83ry41

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments